[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 2 10:10:59 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
06b71b12 by Salvatore Bonaccorso at 2024-09-02T11:10:21+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2024-8370 (A vulnerability classified as problematic was found in Grocy up to 4.2 ...)
 	TODO: check
 CVE-2024-8365 (Vault Community Edition and Vault Enterprise experienced a regression  ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vault
 CVE-2024-7871 (SQL Injection in online dictionary function of Easytest Online Test Pl ...)
-	TODO: check
+	NOT-FOR-US: Easytest Online Test Platform
 CVE-2024-7692 (The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7691 (The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7690 (The DN Popup WordPress plugin through 1.2.2 does not have CSRF check i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7354 (The Ninja Forms  WordPress plugin before 3.8.11 does not escape an URL ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-45528 (CodeAstro MembershipM-PHP (aka Membership Management System in PHP) 1. ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro MembershipM-PHP (aka Membership Management System in PHP)
 CVE-2024-45527 (REDCap 14.7.0 allows HTML injection via the project title of a New Pro ...)
 	TODO: check
 CVE-2024-45522 (Linen before cd37c3e does not verify that the domain is linen.dev or w ...)
 	TODO: check
 CVE-2024-45509 (In MISP through 2.4.196, app/Controller/BookmarksController.php does n ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2024-45508 (HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ...)
 	TODO: check
 CVE-2024-45270 (WordPress plugin "Carousel Slider" provided by Sayful Islam contains a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-45269 (WordPress plugin "Carousel Slider" provided by Sayful Islam contains a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43776 (SQL Injection in mock exam function of Easytest Online Test Platform v ...)
-	TODO: check
+	NOT-FOR-US: Easytest Online Test Platform
 CVE-2024-43775 (SQL Injection in search course titles function of Easytest Online Test ...)
-	TODO: check
+	NOT-FOR-US: Easytest Online Test Platform
 CVE-2024-43774 (SQL Injection in download personal learning course function of Easytes ...)
-	TODO: check
+	NOT-FOR-US: Easytest Online Test Platform
 CVE-2024-43773 (SQL Injection in download class learning course function of Easytest O ...)
-	TODO: check
+	NOT-FOR-US: Easytest Online Test Platform
 CVE-2024-43772 (SQL Injection in download student learning course function of Easytest ...)
-	TODO: check
+	NOT-FOR-US: Easytest Online Test Platform
 CVE-2024-41160 (in OpenHarmony v4.1.0 and prior versions allow a local attacker cause  ...)
 	TODO: check
 CVE-2024-41157 (in OpenHarmony v4.1.0 and prior versions allow a local attacker cause  ...)
@@ -65,7 +65,7 @@ CVE-2024-20085 (In power, there is a possible out of bounds read due to a missin
 CVE-2024-20084 (In power, there is a possible out of bounds read due to a missing boun ...)
 	TODO: check
 CVE-2024-5053 (The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & D ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8368 (A vulnerability was found in code-projects Hospital Management System  ...)
 	NOT-FOR-US: Hospital Management System
 CVE-2024-8367 (A vulnerability was found in HM Courts & Tribunals Service Probate Bac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06b71b1271e683ef56530c8a5fbbab81b87ae69c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06b71b1271e683ef56530c8a5fbbab81b87ae69c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240902/4eaa0688/attachment.htm>

More information about the debian-security-tracker-commits mailing list